bd6b94feeafcdd10e4a2784ee63cc9442c779293315d4c8514ded6c825eb7bea

Sharing

Copy URL Twitter E-mail

General

Target

bd6b94feeafcdd10e4a2784ee63cc9442c779293315d4c8514ded6c825eb7bea
Size

4.2MB
MD5

1d8041a88c845937ed6f4065f76b95da
SHA1

937428129c1f5831068292f1e6ca40139322cf32
SHA256

bd6b94feeafcdd10e4a2784ee63cc9442c779293315d4c8514ded6c825eb7bea
SHA512

cff99241585e13602594bbbaf90559b59cbc77aa1fed366be01532a180960aaaab7a92b8179c5a27bc2cb99e9292b9dadd1640eed986deda540cf30e0944c041
SSDEEP

49152:SKqdHUdKjeevdH93Iwpjg/6a6MDP+jjwFQfLnU+s8KuqGaX0ToIBAUZLY:CgTevdH55j8/DGjjtjXJBAUZL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd6b94feeafcdd10e4a2784ee63cc9442c779293315d4c8514ded6c825eb7bea

Files

bd6b94feeafcdd10e4a2784ee63cc9442c779293315d4c8514ded6c825eb7bea
.exe windows:4 windows x86 arch:x86

71a23cb5e3963383a31d1f9223e2c95f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
LoadLibraryA
FreeLibrary
FormatMessageA
GetUserDefaultLCID
ReadFile
MoveFileA
FindFirstFileA
RemoveDirectoryA
FindNextFileA
FindClose
GetFileSize
WritePrivateProfileStringA
CreateFileA
WriteFile
CreateDirectoryA
DeleteFileA
IsBadReadPtr
HeapReAlloc
HeapAlloc
ExitProcess
GetModuleHandleA
LocalSize
GlobalSize
lstrlenW
RtlMoveMemory
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceA
GetNativeSystemInfo
GetProcessHeap
Process32Next
Process32First
CreateToolhelp32Snapshot
GetModuleHandleW
CloseHandle
SetWaitableTimer
CreateWaitableTimerW
HeapFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MultiByteToWideChar
WideCharToMultiByte
SetStdHandle
IsBadCodePtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
IsBadWritePtr
LCMapStringW
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetACP
HeapSize
RaiseException
TerminateProcess
RtlUnwind
GetCommandLineA
GetStartupInfoA
GetOEMCP
GetCPInfo
FlushFileBuffers
SetFilePointer
GetCurrentProcess
SetErrorMode
GetProcessVersion
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetLastError
SetLastError
InterlockedIncrement
lstrcpyA
lstrcatA
InterlockedDecrement
GlobalFlags
MulDiv
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
GetProcAddress
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GetModuleFileNameA
GetTickCount
lstrlenA

user32

DefWindowProcW
CreateWindowExW
SendMessageW
SystemParametersInfoA
GetClassNameW
SetWindowLongA
CallWindowProcA
IsWindow
GetMessageW
TranslateMessage
DispatchMessageW
LoadCursorW
LookupIconIdFromDirectoryEx
SetCursor
SendMessageA
KillTimer
GetAsyncKeyState
IntersectRect
InvalidateRect
UpdateLayeredWindow
ReleaseCapture
PostMessageW
IsZoomed
IsIconic
GetPropA
LoadCursorFromFileW
PtInRect
ReleaseDC
SetCaretPos
GetCursorPos
GetWindowRect
CallWindowProcW
TrackMouseEvent
ShowWindow
BeginPaint
EndPaint
SetCapture
OpenIcon
GetSystemMetrics
SetForegroundWindow
MoveWindow
PostMessageA
GetFocus
SetFocus
SetWindowLongW
SetWindowPos
PostQuitMessage
EnableWindow
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
SetWindowsHookExA
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
RegisterClassExW
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
RegisterClipboardFormatA
GetClassNameA
GetDlgCtrlID
GetWindow
ClientToScreen
SetWindowTextA
UnhookWindowsHookEx
GetMenuItemCount
GetDC
TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
SendDlgItemMessageA
IsDialogMessageA
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
GetClassLongA
CreateWindowExA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetActiveWindow
GetSysColor
MapWindowPoints
UpdateWindow
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
UnregisterClassA
PostThreadMessageA
DestroyMenu
CreateDialogIndirectParamA
EndDialog
SetPropA
GetClassLongW
GetWindowTextA
GetParent
SetWindowRgn
GetWindowTextW
RemovePropA
MessageBoxA
wsprintfA
MsgWaitForMultipleObjects
CopyImage
CreateIconFromResourceEx
SetTimer
GetNextDlgTabItem
PeekMessageA
GetMessageA
DispatchMessageA

gdi32

SetTextColor
SetMapMode
SetViewportOrgEx
GetDIBits
CreateRectRgn
CreateRoundRectRgn
DeleteObject
SelectObject
CreateDIBSection
CreateCompatibleDC
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SetBkColor
GetStockObject
RestoreDC
SaveDC
CreateBitmap
BitBlt
DeleteDC
GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps

shlwapi

PathFileExistsA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteA
Shell_NotifyIconW

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromProgID
CoCreateInstance
OleRun
CoUninitialize
CoInitialize
StringFromGUID2
CLSIDFromString

gdiplus

GdipFillPath
GdipGetFamilyName
GdipGetFontSize
GdipGetFontStyle
GdipCreateFont
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipDeleteFont
GdipResetClip
GdipGraphicsClear
GdipCreateRegionRect
GdipSetClipRegion
GdipDrawRectangle
GdipDeletePen
GdipSetPenDashStyle
GdipFillRectangle
GdipDeleteBrush
GdipCreateSolidFill
GdipDeleteRegion
GdiplusStartup
GdipCreateLineBrush
GdipSetClipRect
GdipGetTextRenderingHint
GdipSetTextRenderingHint
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetSmoothingMode
GdipSetSmoothingMode
GdipDrawImageRectRect
GdipGetImagePixelFormat
GdipCloneBitmapArea
GdipGetImageWidth
GdipGetImageHeight
GdipDisposeImage
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageRect
GdipCreateStringFormat
GdipSetStringFormatHotkeyPrefix
GdipDeleteStringFormat
GdipCreateLineBrushFromRect
GdipCreatePen2
GdipFillPolygon
GdipCreatePathGradientFromPath
GdipDrawPolygon
GdipGetCompositingQuality
GdipCreateHBITMAPFromBitmap
GdipCreateImageAttributes
GdipGetImageGraphicsContext
GdipMeasureString
GdipGetFontHeight
GdipDrawString
GdipCreateBitmapFromScan0
GdipClosePathFigure
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipSetStringFormatAlign
GdipSetStringFormatTrimming
GdipSetStringFormatFlags
GdipGetStringFormatAlign
GdipGetStringFormatTrimming
GdipGetStringFormatFlags
GdipImageSelectActiveFrame
GdipAddPathArc
GdipCreatePath
GdipDeletePath
GdipDrawPath
GdipCreateRegionHrgn
GdipGetRegionBounds
GdipMeasureCharacterRanges
GdipCreateRegion
GdipSetStringFormatMeasurableCharacterRanges
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount

oleaut32

VarR8FromCy
VarR8FromBool
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy
OleLoadPicture

imm32

ImmAssociateContext
ImmGetContext

oledlg

ord8

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comctl32

ord17

Sections

.text
Size: 580KB - Virtual size: 577KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.6MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

71a23cb5e3963383a31d1f9223e2c95f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shlwapi

advapi32

shell32

ole32

gdiplus

oleaut32

imm32

oledlg

winspool.drv

comctl32

Sections

.text Size: 580KB - Virtual size: 577KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 3.6MB - Virtual size: 3.7MB

.text
Size: 580KB - Virtual size: 577KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 3.6MB - Virtual size: 3.7MB